Cyber insurers in the UK paid out nearly £200 million last year as ransomware and malware incidents crippled business operations.
Cyber insurance payouts in the UK surged by 230% in 2024, reaching £197 million ($259 million), according to the Association of British Insurers (ABI). The total represents a dramatic increase from £59 million the previous year, as companies faced escalating ransomware and malware incidents that disrupted operations and caused major financial losses.
Malware and ransomware were responsible for 51% of all claims, up from 32% in 2023, marking a major rise in the severity and cost of cyberattacks. The number of cyber insurance policies purchased by UK businesses also grew by 17% over the same period.
The ABI said the figures show that cyberattacks are becoming more sophisticated, with attacks now capable of paralyzing business systems for extended periods. The report shows ransomware’s growing impact across sectors, from small enterprises to large corporations.
Insurers paid £138 million more than in 2023, showing how rapidly the cost of cyber risk has escalated. While payouts rose sharply, the ABI stated that cyber insurance is not just about recovery but also prevention. Many policies now include proactive support such as cybersecurity assessments, threat intelligence access, and incident response planning.
Jonathan Fong, Head of General Insurance Policy at the ABI, said, “Cyber insurance is more than just a financial safety net. The right policy not only supports businesses in the aftermath of an incident but can also help prevent attacks through access to expert advice, threat monitoring, and incident response planning.”
Fong also called on UK businesses to integrate cyber insurance into their broader risk management frameworks, noting that the sector’s maturity has made it a necessary safeguard in a climate of persistent digital threats.
The surge in UK cyber insurance payouts reflects a wider debate about how to curb the financial incentives behind ransomware. Some experts argue that banning ransom payments through insurance would have little effect. As Google Cloud’s Monica Shokrai told The Register, “I’m not convinced that banning the ransom from being paid by cyber insurance policies will remediate the issue,” noting that for large companies “the ransom itself often isn’t material, particularly compared to the cost of business interruption.” Others warned that focusing solely on payment bans ignores the deeper cause of rising claims, pointing to “widespread digital insecurity” as the real driver behind escalating losses.
Ransomware incidents now frequently involve data theft, double extortion, and prolonged system outages, increasing both the technical recovery costs and business interruption losses.
Insurers are tightening underwriting standards, requiring stronger cybersecurity controls before issuing or renewing policies, and increasing premiums to reflect higher risks.
Modern policies often include proactive services such as threat monitoring, employee training, and access to incident response teams to help reduce the likelihood and impact of future attacks.